CIFS: implement v3.11 preauth integrity SMB3.11 clients must implement pre-authentification integrity. * new mechanism to certify requests/responses happening before Tree Connect. * supersedes VALIDATE_NEGOTIATE * fixes signing for SMB3.11 Signed-off-by: Aurelien Aptel <aaptel@suse.com> Signed-off-by: Steve French <smfrench@gmail.com> CC: Stable <stable@vger.kernel.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>

commit: 8bd68c6e47abff34e412a0c68cecb4a36bf0198b [log] [tgz]
author: Aurelien Aptel <aaptel@suse.com> Fri Feb 16 19:19:29 2018 +0100
committer: Steve French <stfrench@microsoft.com> Sun Apr 01 20:24:40 2018 -0500
tree: 843fb398bb4b5f6ee1e6a5235bb9ce57a8d4b477
parent: 5fcd7f3f966f37f3f9a215af4cc1597fe338d0d5 [diff] [blame]
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 765fc2c..c294093 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h

@@ -675,7 +675,8 @@ struct TCP_Server_Info {
 	unsigned int	max_read;
 	unsigned int	max_write;
 #ifdef CONFIG_CIFS_SMB311
-	__u8	preauth_sha_hash[64]; /* save initital negprot hash */
+	 /* save initital negprot hash */
+	__u8	preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];
 #endif /* 3.1.1 */
 	struct delayed_work reconnect; /* reconnect workqueue job */
 	struct mutex reconnect_mutex; /* prevent simultaneous reconnects */
@@ -864,7 +865,7 @@ struct cifs_ses {
 	__u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
 	__u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
 #ifdef CONFIG_CIFS_SMB311
-	__u8 preauth_sha_hash[64];
+	__u8 preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];
 #endif /* 3.1.1 */
 };
commit	8bd68c6e47abff34e412a0c68cecb4a36bf0198b	[log] [tgz]
author	Aurelien Aptel <aaptel@suse.com>	Fri Feb 16 19:19:29 2018 +0100
committer	Steve French <stfrench@microsoft.com>	Sun Apr 01 20:24:40 2018 -0500
tree	843fb398bb4b5f6ee1e6a5235bb9ce57a8d4b477
parent	5fcd7f3f966f37f3f9a215af4cc1597fe338d0d5 [diff] [blame]